Share this article on:
Sydney-based investment firm FIIG Securities has revealed itself as the latest victim of an attack from an infamous Russia-based hacking organisation.
A claimed 385 gigabytes of data have been reportedly stolen from FIIG, which holds $5 billion in bonds under advice and 6,000 Australian investors.
FIIG said in a statement that its systems were hacked by an unpermitted group over the weekend, and it has initiated its “cyber response strategy [by] working with third-party cyber security experts and isolating affected systems”.
“As soon as we became aware that a third party had illegally accessed our IT systems, we activated our cyber response.
“We successfully took our IT systems and our client-facing portal offline to prevent further access to our systems and data.
“We are in the process of methodically and safely restarting our systems,” FIIG said.
Only days later, the Russian BlackCat threat group, also known as ALPHV, claimed to be behind the attack and quoted 385 gigabytes as the amount of data it stole.
“You have three days for contact with us to decide this pity [sic] mistake, which made your IT department, decide what to do in next step,” said the Russian ransomware group.
#ALPHV has listed FIIG, an Australian financial services company which has $5 billion under advice. pic.twitter.com/gKJ6XzNQ81
— Brett Callow (@BrettCallow) June 10, 2023
According to FIIG, the hack saw data such as names, addresses, driver’s licenses, passports, tax file numbers, bank accounts and birth dates may have all been affected.
It has said that it has contacted the relevant authorities, including the Australian Cyber Security Centre and the Office of the Australian Information Commissioner, and is currently contacting clients to notify them of what data may have been affected, as well as what those affected need to do to remain secure.
In response to a request for comment by Cyber Security Connect regarding customer opinion of its response to the attack, FIIG responded with an excerpt of its aforementioned statement.
The attack from BlackCat comes just after it reported an attack on HWL Ebsworth, one of Australia’s major law firms. The group posted 1.45 terabytes of data on its leak site, with the hack reportedly affecting major institutions such as the Tasmanian government.